CVE-2005-0251

Cross-site scripting (XSS) vulnerability in bibindex.php for BibORB 1.3.2, and possibly earlier versions, allows remote attackers to inject arbitrary HTML and web script via the search parameter.
References
Link Resource
http://marc.info/?l=bugtraq&m=110868948719773&w=2 Exploit Mailing List Third Party Advisory
http://marc.info/?l=full-disclosure&m=110864983905770&w=2 Exploit Mailing List Third Party Advisory
http://www.securityfocus.com/bid/12583 Patch Third Party Advisory VDB Entry Vendor Advisory
http://marc.info/?l=bugtraq&m=110868948719773&w=2 Exploit Mailing List Third Party Advisory
http://marc.info/?l=full-disclosure&m=110864983905770&w=2 Exploit Mailing List Third Party Advisory
http://www.securityfocus.com/bid/12583 Patch Third Party Advisory VDB Entry Vendor Advisory
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:guillaumegardey:biborb:1.3.2:-:*:*:*:*:*:*
cpe:2.3:a:guillaumegardey:biborb:1.3.2:rc:*:*:*:*:*:*

History

20 Nov 2024, 23:54

Type Values Removed Values Added
References () http://marc.info/?l=bugtraq&m=110868948719773&w=2 - Exploit, Mailing List, Third Party Advisory () http://marc.info/?l=bugtraq&m=110868948719773&w=2 - Exploit, Mailing List, Third Party Advisory
References () http://marc.info/?l=full-disclosure&m=110864983905770&w=2 - Exploit, Mailing List, Third Party Advisory () http://marc.info/?l=full-disclosure&m=110864983905770&w=2 - Exploit, Mailing List, Third Party Advisory
References () http://www.securityfocus.com/bid/12583 - Patch, Third Party Advisory, VDB Entry, Vendor Advisory () http://www.securityfocus.com/bid/12583 - Patch, Third Party Advisory, VDB Entry, Vendor Advisory

Information

Published : 2005-05-02 04:00

Updated : 2024-11-20 23:54


NVD link : CVE-2005-0251

Mitre link : CVE-2005-0251

CVE.ORG link : CVE-2005-0251


JSON object : View

Products Affected

guillaumegardey

  • biborb
CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')